Top 23 Java Security Projects
-
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
-
MifareClassicTool
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.
-
pac4j
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
-
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
-
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
-
burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
-
itext-java
iText for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText can be a boon to nearly every workflow.
In this article we'll be using Keycloak to quickly augment an application with user management and SSO. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.
I use ZAP [1] with the OAST add-on for this at the moment. I admit the UX isn't perfect, but it serves my purpose.
If I also want control over the responses (e.g. return a 401 status code for every fifth request), I have a custom extender script [2] for that.
[1]: https://www.zaproxy.org/
I get what you are trying to do, but it feels a bit insecure. Why not use an OSS passwordless project like https://github.com/supertokens/supertokens-core/ or https://github.com/teamhanko/hanko
Project mention: Dropbox: How to opt out of 3rd party AI partner access to your Dropbox | news.ycombinator.com | 2023-12-13
The best way to do this is with https://cryptomator.org
Project mention: graylog VS openobserve - a user suggested alternative | libhunt.com/r/graylog2-server | 2023-09-07
Project mention: OWASP dependency check (<9.0.0) could fail to work after Dec 15th, 2023 | /r/programming | 2023-12-05
The only missing feature in this architecture is the login and logout capability. In this case, Apache Zeppelin provides Shiro for notebook authentication. Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Here, you can find a step-by-step guide about how Shiro works. This example uses the default configuration.
Project mention: The Java security framework to protect web applications and web services | news.ycombinator.com | 2023-06-26
Project mention: Show HN: Pre-alpha tool for analyzing spdx SBOMs generated by GitHub | news.ycombinator.com | 2024-04-21
I've become interested in SBOM recently, and found there were great tools like https://dependencytrack.org/ for CycloneDX SBOMs, but all I have is SPDX SBOMs generated by GitHub.
I decided to have a go at writing my own dependency track esque tool aiming to integrate with the APIs GitHub provides.
It's pretty limited in functionality so far, but can give a high level summary of the types of licenses your repository dependencies use, and let you drill down into potentially problematic ones.
Written in NextJS + mui + sqlite, and using another project of mine to generate most of the API boilerplate/glue (https://github.com/mnahkies/openapi-code-generator)
Project mention: Show HN: filippo.io/mlkem768 – Post-Quantum Cryptography for the Go Ecosystem | news.ycombinator.com | 2024-02-01
Note that there may be incompatibilities until NIST has published the final revisions. Some specifications are on Round 3 kyber, others are on FIPS 203.
This one will interoperate with Bouncy Castle as we both use FIPS 203 draft, but won't interoperate with OQS that is still on the Round 3 submission.
See also: https://github.com/bcgit/bc-java/issues/1578
Would love to hear your thoughts on Peergos - https://peergos.org
https://github.com/peergos/peergos
Project mention: FastPDF Service API (Java) VS itext7 - a user suggested alternative | libhunt.com/r/fastpdf-java | 2023-12-07
Java Security related posts
-
Securing Remix Apps with Keycloak
-
Simplifying Keycloak Configuration with Terraform and Terragrunt
-
Ask HN: Simple Auth for Website
-
Securing Vue Apps with Keycloak
-
User Management and Identity Brokering for On-Prem Apps with Keycloak
-
Navigating Identity Authentication: From LDAP to Modern Protocols
-
Ask HN: No-code, simple-setup user management
Index
What are some of the best open-source Security projects in Java? This list will help you:
# | Project | Stars |
---|---|---|
1 | Keycloak | 20,124 |
2 | ZAP | 12,059 |
3 | SuperTokens Community | 11,984 |
4 | Cryptomator | 10,703 |
5 | jjwt | 9,894 |
6 | Spring Security | 8,441 |
7 | graylog | 7,138 |
8 | DependencyCheck | 5,931 |
9 | MifareClassicTool | 4,276 |
10 | Apache Shiro | 4,261 |
11 | hawk | 3,966 |
12 | jasypt-spring-boot | 2,801 |
13 | FairEmail | 2,766 |
14 | pac4j | 2,381 |
15 | dependency-track | 2,347 |
16 | jCasbin | 2,326 |
17 | find-sec-bugs | 2,209 |
18 | Bouncy Castle | 2,173 |
19 | orbot | 1,988 |
20 | burpgpt | 1,895 |
21 | Peergos | 1,873 |
22 | itext-java | 1,875 |
23 | BinAbsInspector | 1,521 |